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REMARKS 



According to the present office action, claims 1-67 are pending in the 
application and claims 1-26, 28-42, 44-50, 52-63, and 65-67 stand rejected. Claims 
27, 43, 51, and 64 have been allowed. 

The applicant would like to thank the examiner for withdrawing the various 
rejections and objects enumerated in the previous office action, and for allowing 
claims 27, 43, 51, and 64 in the present application. Herein the applicant explains 
why the remaining claims are in condition for allowance. 

Rejections Under 35 U.S.C. § 103(a) 

Claims 1, 25, 28, 29, 52, 65, 66, and 67 are the independent claims. Applicant 
begins with the most recently added and newly amended claim 67, which recites: 

67. A method for processing synthetic instructions executable on a 
processor architecture, comprising: 

removing, replacing, or supplementing at least one predefined 
instruction in a guest operating system, running in a virtual machine 
environment, with synthetic instructions; 

determining whether said synthetic instructions are supported by 
said virtual machine environment by executing at least one of said 
synthetic instructions; 

enabling direct execution of instructions on said processor 
architecture using at least one of said synthetic instructions; 

wherein at least one of said synthetic instructions is configured to 
cause at least one exception trappable by a virtualization layer when 
privileged-level code is run at user-level, wherein at least one of said 
synthetic instructions is illegal to said processor architecture; 

causing said at least one exception to be issued by said processor 
architecture by using at least one of said synthetic instructions; 

invoking a trap handler within said virtualization layer in order to 
trap said at least one exception; 

emulating with said virtualization layer any implied state 
changes based on processing of said at least one exception; and 

returning control to any subsequent instructions of said guest 
operating system. 

Support for this amendment can be found at least in the following parts of the 
specification: paragraphs [0001], [0008], [0034], [0057], [0058], and [0064]. The 
various above claim elements cannot be found in the cited art. 
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The examiner cites no less than nine references in various combinations of 
rejections in the office action (pp. 2-83). The applicant has taken the opportunity to 
examine all of them, and concludes that none, alone or in combination, discloses the 
subject matter recited in claim 67. 

First, U.S. Patent No. 6,397,242 (Devine et al.) discloses a virtualization 
system including a virtual machine monitor for a computer with a segmented 
architecture. Various passages from Devine et al. are cited in the office action, 
including col. 8, 11. 35-43 (disclosing a privilege register in which privilege levels can 
be changed only by a protected mechanism), col. 12, 11. 57-60 (disclosing MMU 
entries restored to their default state if there's an exception of the virtual machine), 
col. 14, 11. 57-60 (disclosing requirements of virtual machine monitor ability to handle 
traps), col. 2, 11. 2-4 (disclosing VMM emulating traps to allow correct execution of 
an operating system), col. 4, 11. 52-54 (disclosing VMM handing traps that result from 
attempts by the virtual machine to issue privileged instructions), Abstract (disclosing 
a virtual machine monitor, a virtual machines, and various sub-systems thereof), and 
col. 7, 11. 9-13 (disclosing the VMM operating in protected mode using binary 
translation, and the VMM using direct execution). 

Next, the Robin references, both the Naval Postgraduate thesis and the 
Proceedings of the 9 th Usenix Security Symposium, disclose the problem of 
implementing secure virtual machine monitors on the Intel Pentium architecture. 
Specifically, the logical layers of typical VMMs modules are discussed (e.g. 
dispatchers, allocators, and interpreters). 

Lawton stands for the general disclosure of having multiple operating systems 
concurrently on an IA32 PC using virtualization techniques. This is a collection of 
ideas from various individuals discussing topics such as the rationale for 
virtualization, different emulation and virtualization strategies, features which are not 
naturally virtualizable, and so forth. Moreover, the other Lawton reference, x86 
Emulator merely discloses source code for running multiple operating systems 
concurrently. 

The Carols reference discloses a new general purpose model of user-kernel 
threads for the Linux system with improved performance and scalability. The model 
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is designed for building applications, such as web and proxy servers, where it is 
necessary to create thousands of network connections simultaneously. 

U.S. Patent No. 7,191,440 (Cota-Robbles et al.) discloses tracking operating 
system process and thread execution and virtual machine execution in hardware or in 
a virtual machine monitor. Thus, for example, the virtual machine monitor can derive 
scheduling information to enable a virtual machine system to guarantee adequate 
scheduling quality of service to real-time applications executing in virtual machines 
that contain both real-time and non-real time applications. 

The Virtual 8088 Mode reference discloses the notion that the 80386 system 
supports the execution of one or more 8086, 8088, 80186, 80188 programs in an 
80386 protected-mode environment. 

Finally, the Tamches reference discloses fine-grained dynamic 
instrumentation of commodity operating system kernels. In other words, it discloses 
how a kernel that can insert (and/or later remove) code at run-time has many uses, 
including performance measurement, debugging, code coverage, run-time installation 
of patches, and run-time optimizations. 

However, none of these reference, alone or in combination, diclose the notions 
recited in claim 67, including but not limited to "removing, replacing, or 
supplementing at least one predefined instruction in a guest operating system, running 
in a virtual machine environment, with synthetic instructions," and "wherein at least 
one of said synthetic instructions is configured to cause at least one exception 
trappable by a virtualization layer when privileged-level code is run at user-level, 
wherein at least one of said synthetic instructions is illegal to said processor 
architecture," and "causing said at least one exception to be issued by said processor 
architecture by using at least one of said synthetic instructions." 

The remaining independent claims 1, 25, 28, 29, 52, 65, and 66 also 

patentably define over any of the above cited art. Newly amended claim 1 recites: 

1. A method for improving processor virtualization in x86 processor 
architectures and their equivalents, including but not limited to the IA32 
architecture, said method comprising! 

removing, replacing, or supplementing one or more predefined 
instructions in a guest operating system that adversely affect 
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virtualization for a hybrid virtual machine operating on an x86 processor 
with synthetic instructions that cause at least one exception to be 
trappable by a virtualization layer, wherein said synthetic instructions 
are illegal to said architecture; and 

using at least one of said synthetic instructions to enable direct 
execution on a physical processor of instructions issued by said guest 
operating system; 

wherein said at least one of said synthetic instructions is 
executed from within guest kernel code. 

(emphasis added). Support for this amendment can be found at least in paragraphs 
[0039] and [0064]. The Devine and/or Tamches references (and any of the other 
references) do not teach at least the emphasized recitations. 
Next, claim 25 recites: 

25. A method for a guest operating system to determine whether it is 
running on a virtualized processor or running directly on an x86 processor, 
said method comprising: 

executing a synthetic instruction for returning a value representing 
an identity for the central processing unit; 

wherein said synthetic instruction is configured to be executed 
from any privileged level; 

if a value is returned, then concluding that the operating system is 
running on a virtualized processor, and thereafter utilizing synthetic 
instructions; 

wherein said synthetic instructions are configured to cause at least 
one exception to be trappable by a virtualization layer, and wherein said 
synthetic instructions are illegal to said processor architecture; and 

if an exception occurs, then concluding that the operating system is 
running directly on an x86 processor, and thereafter refraining from 
utilizing synthetic instructions. 

(emphasis added). Support for this amendment can be found at least in paragraph 
[0057]. None of the other references, either alone or in combination, teach such 
subject matter. 

Next, claim 28 recites: 

28. A method for improving guest operating system code for efficient 
patching of trappable instructions using a long JMP instruction, said 
method comprising the step of: 

in a guest operating system, locating instances of trappable 
instructions that are less than five bytes long, including instructions that 
run within ring-0 code; 
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replacing the trappable instructions with corresponding synthetic 
instructions that are at least five bytes long; 

wherein said synthetic instructions are configured to cause at least 
one exception to be trappable by a virtualization layer, and wherein said 
synthetic instructions are illegal to a physical processor architecture 
underlying said guest operating system. 

(emphasis added). The "sensitive instructions" of the Virtual 8088 Mode reference 
that are sensitive in the V86 mode (to trigger a general-protection exception), are 
merely standard flags, interrupts, and returns. They are not "synthetic" instructions 
that have been modified in a guest OS and that are "five bytes long." 
Next, claim 29 recites: 

29. A system for processing synthetic instructions on x86 processor 
architectures and their equivalents, including but not limited to the IA32 
architecture, said system comprising: 

a subsystem for trapping said synthetic instructions issued by a 
guest operating system after said synthetic instructions cause an 
exception in the x86 processor; 



a subsystem for processing said synthetic instructions for the 
guest operating system; 

wherein at least one synthetic instruction of said synthetic 
instructions is configured to enable direct execution within ring 0 layer 
of privilege. 

(emphasis added). Support for this amendment can be found at least in paragraph 
[0064]. Thus, "said synthetic instructions ... [are] configured to enable direct 
execution within ring 0 layer of privilege." Applicant submits that this notion is not 
disclosed in any of the cited references. 

Regarding claim 52, it recites that: 

52. A computer-readable medium storing thereon computer-readable 
instructions for improving processor virtualization in x86 processor 
architectures and their equivalents, including but not limited to the IA32 
architecture, said computer-readable instructions comprising: 

at least one synthetic instruction that causes an exception in the 
x86 processor that is then trapped by a virtual machine monitor running on 
said x86 processor for processing by said virtual machine monitor; 

wherein said at least one synthetic instruction is illegal to said 
processor architecture; and 

wherein said exception is a result of the execution of higher 
privileged code at a lower privileged level. 



and 
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(emphasis added). See at least paragraph [0034] for support of this subject matter 
that is not disclosed in the cited art. 

Finally, both claims 65 and 66 recite the notion of "removing, replacing, or 
supplementing instances of one or more of the following predefined instructions in 
the guest operating system . . . [with] synthetic instructions." Moreover, "predefined 
instructions" can be removed, replaced, or supplemented in a "guest operating 
system" with "synthetic instructions" that can "cause at least one exception to be 
trappable by a virtualization layer" when these "synthetic instructions are illegal to 
said architecture" (claims 65). None of the cited art teaches such synthetic 
instructions removing, replacing, or supplementing predefined instructions in a guest 
operating system (as opposed to in other modules, whether emulators, virtual devices, 
and so on). 

For the reasons given above, claims 1, 25, 28, 29, 52, 65, 66, and 67 
patentably define over all the cited art. Insofar as the dependent claims incorporate 
the limitations of the independent claims, they define over the art for similar reasons. 



Applicant believes that the present remarks are responsive to each of the 
points raised by the examiner in the official action, and submits the pending claims of 
the application are in condition for allowance. Favorable consideration and passage 
to issue of the application at the examiner's earliest convenience is earnestly solicited. 
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